View
160
Download
1
Category
Tags:
Preview:
Citation preview
Data Reuse Agreements (DRA)
Jean Stanford
Arnon Rosenthal, PhD
Peter Mork, PhD
MIP 2010
Approved for Public Release
© 2011 The MITRE Corporation. All rights reserved
Problem
The Office of the National Coordinator for Health Care IT (ONC) is spending roughly $20 billion* to encourage hospitals and providers to adopt electronic health records (EHRs).
– To get funded, they must be able to demonstrate interoperable data exchange with other providers while respecting patient privacy policies
– There is no electronic means to manage patient privacy policies, access them in real time or alert patients that their records are being requested
– It’s still on paper.
*HITECH Fact Sheet at http://www.himss.org/content/files/12_04_09_ARRAHITECHHIE_FactSheet.pdf
© 2011 The MITRE Corporation. All rights reserved
Background
Example: Sgt. Bob has records at the VA and DoD health care facilities and with private sector pharmacies & physicians. Consent forms are needed to share data across these systems.
VA VA
DoD DoD
© 2011 The MITRE Corporation. All rights reserved
Objective
Provide the framework for meaningful, granular, expression of patient consents
– Provide a user interface for patients and providers to access at their convenience, through a browser or mobile device
– Provide nationwide patient consent capture and management
Provide nationwide provider record request capability
Request for specific patient record
Determination of fit with patient consent
Provide a patient-viewable log of consent requests and recommended disposition
© 2011 The MITRE Corporation. All rights reserved
Activities
Developed use cases
Conducted literature review
Developed operations concept
Developed user interface
Integrated with ESP program to provide the policy reasoning and enforcement facility needed to implement the consent policies
© 2011 The MITRE Corporation. All rights reserved
Conceptual Architecture
Request Server Request Server
(e.g., hData)(e.g., hData)
Request Server Request Server
(e.g., hData)(e.g., hData)
Record Holder ServerRecord Holder ServerRecord Holder ServerRecord Holder Server
EHREHREHREHR
BrowserBrowserBrowserBrowser
Consent ServerConsent ServerConsent ServerConsent Server
Consent DBConsent DBConsent DBConsent DB
Policy Policy
ReasonerReasoner
Policy Policy
ReasonerReasonerPolicy Policy EnforcerEnforcerPolicy Policy EnforcerEnforcer
VA VA
© 2011 The MITRE Corporation. All rights reserved
Consent Server User Interface
7
© 2011 The MITRE Corporation. All rights reserved
Impacts
Sponsor Presentations:
– Office of the National Coordinator
– Substance Abuse and Mental Health Services Administration
– Department of Veterans Affairs
Other Discussions:
– Healthcare Information and Management Systems Society
– GE Healthcare
– United HealthCare
Open Source:
– https://sourceforge.net/projects/kaironconsents/
© 2011 The MITRE Corporation. All rights reserved
Future Plans
Policy MaturityAccepted Practices Inchoate
Tec
hnic
al C
ompl
exity
Low
Hig
h
Preemptory Access
Patient Review & Approve
Integrate with State Mandates
Intelligent Redaction
Credential Matching
Eliciting Patient Preferences
Automated Enforcement
Implemented
Grand Challenges
Under Development
Integrate Care Relationships
Audit
Recommended